NotCVE - vendor:"Citrix" product:"Netscaler Gateway Firmware" version:"10.1"

Page 2 of 14 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2015-7997

https://notcve.org/view.php?id=CVE-2015-7997

Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de XSS en la API Nitro en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway en versiones anteriores a 10.1 Build 133.9, 10.5 en versiones anteriores a Build 58.11 y 10.5.e en versiones anteriores a Build 56.1505.e en dispositivos NetScaler Service Delivery Appliance Service VM (SVM) permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://support.citrix.com/article/CTX202482 http://www.securitytracker.com/id/1034167 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2015-6672

https://notcve.org/view.php?id=CVE-2015-6672

Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la Administrative Web Interface en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway en versiones anteriores a 10.1 Build 132.8, 10.5 en versiones anteriores a Build 57.7 y 10.5e en versiones anteriores a Build 56.1505.e, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://support.citrix.com/article/CTX201334 http://www.securitytracker.com/id/1033618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2015-5538

https://notcve.org/view.php?id=CVE-2015-5538

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI). Múltiples vulnerabilidades no especificadas en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway en versiones anteriores a 10.1 Build 132.8, 10.5 en versiones anteriores a Build 57.7 y 10.5e en versiones anteriores a Build 56.1505.e, permite a atacantes remotos obtener privilegios a través de vectores no especificados, relacionado con la (1) Command Line Interface (CLI) y (2) Web User Interface (UI). • http://support.citrix.com/article/CTX201334 http://www.securitytracker.com/id/1033618 •

CVSS: 9.0EPSS: 0%CPEs: 27EXPL: 0

CVE-2015-5080

https://notcve.org/view.php?id=CVE-2015-5080

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs. La interfaz de gestión en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway 10.1 anterior a 10.1.132.8, 10.5 anterior a Build 56.15 y 10.5.e anterior a Build 56.1505.e, permite a usuarios remotos autenticados ejecutar comandos de shell arbitrarios a través de metacaracteres de shell en el parámetro de filtro to rapi/ipsec_logs. • http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf http://support.citrix.com/article/CTX201149 http://www.securityfocus.com/bid/75505 http://www.securitytracker.com/id/1032762 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2014-4346 – Citrix Netscaler Disclosure / Cross Site Scripting

https://notcve.org/view.php?id=CVE-2014-4346

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la interfaz del usuario de administración en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway (anteriormente Access Gateway Enterprise Edition) 10.1 anterior a 10.1-126.12 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway are susceptible to cookie disclosure and reflective cross site scripting vulnerabilities. • http://seclists.org/fulldisclosure/2014/Jul/77 http://secunia.com/advisories/59942 http://support.citrix.com/article/CTX140863 http://www.securityfocus.com/archive/1/532802/100/0/threaded http://www.securityfocus.com/bid/68535 http://www.securitytracker.com/id/1030572 http://www.securitytracker.com/id/1030573 https://exchange.xforce.ibmcloud.com/vulnerabilities/94493 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3